
Wednesday, August 10, 2011

Bidirectional Forwarding Detection

Hi Guys

So right now I am doing a Cisco Nexus 1000, 5000, 7000 training course, and during this course I came across for the first time a protocol you may or may not have heard of called Bidirectional Forwarding Detection that can be _VERY_ useful to all you BGP guys out there, heck, to anyone running a routing protocol.

When I first started looking into this protocol, it appeared it was something Juniper had actually developed. I was like, finally a protocol Juniper developed! But alas, Juniper's own slides refer to the fact it's a joint effort between Juniper and Cisco (Source: http://meetings.ripe.net/ripe-48/presentations/ripe48-eof-bfd.pdf, last page). But it is great to see them working together to help us network engineers get even better protocols and products!

So, what is Bidirectional Forwarding Detection and why should I care?

So let's say you have dual-homed internet connections via BGP, for example, or maybe you have two connections via OSPF for your internal network. Whatever the case may be, you might have run into this problem:

The time it takes to detect a dead peer is painfully long!

Sure, sure, you can tweak the timers for OSPF and, to a certain extent, BGP, but wouldn't it be nice if there was a way to easily add this capability without having to affect BGP/OSPF?

Enter BFD. BFD provides _VERY_ fast dead peer detection and can then feed this information into your routing protocol, which then knows the peer is dead very quickly and can converge.

It is super easy to configure and works on all media types, encapsulations, topologies, and routing protocols.

Let's get onto some configuration!

Here I have two routers connected via a single gigabit link running BGP and OSPF, nothing special so far:

So currently the only supported BFD mode is Asynchronous mode. This means that BOTH ends must be configured to support it, so if your ISP on your BGP won't provide it at the moment, you're shit out of luck. But I believe there is a mode of BFD called demand mode that might address this.

So, to configure it, first we go to the interface that has our peering relationship and enter:

bfd interval <50-999> min_rx <1-999> multiplier <3-50>

So the BFD interval is how often we send BFD packets. The min_rx is how often we expect to receive BFD packets from the peer (they can arrive more frequently, that is fine, but we are basically saying that if we don't receive one within this time frame, consider it a timeout). Finally, the multiplier is how many we can miss before we consider the interface down.
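Added example, not part of the original post or any vendor's code: it parses the mandatory 24-byte section of a BFD control packet and works out the asynchronous-mode detection time from the three timers above, following the packet layout and detection-time rule in RFC 5880. The sample packet, its discriminator values and the function names are constructed for illustration.

```python
import struct

# Mandatory section of a BFD control packet (RFC 5880, section 4.1), 24 bytes:
# vers/diag, state/flags, detect mult, length, my disc, your disc, then
# desired min TX, required min RX, required min echo RX (microseconds).
BFD_HDR = struct.Struct("!BBBBIIIII")
STATES = {0: "AdminDown", 1: "Down", 2: "Init", 3: "Up"}


def parse_bfd_control(data: bytes) -> dict:
    """Parse the mandatory section and apply the basic reception checks."""
    if len(data) < BFD_HDR.size:
        raise ValueError("truncated BFD control packet")
    vd, sf, mult, length, my_disc, _your, tx, rx, _echo = BFD_HDR.unpack_from(data)
    if vd >> 5 != 1:
        raise ValueError("unsupported BFD version")
    if length < BFD_HDR.size or length > len(data):
        raise ValueError("bad length field")
    if mult == 0 or my_disc == 0:
        raise ValueError("detect mult and my discriminator must be nonzero")
    return {"state": STATES[sf >> 6], "detect_mult": mult, "my_disc": my_disc,
            "desired_min_tx_us": tx, "required_min_rx_us": rx}


def detection_time_ms(local_min_rx_ms: int, peer: dict) -> float:
    # The peer sends at the slower of its desired TX interval and our min_rx;
    # we declare it dead after the peer's multiplier worth of those intervals.
    agreed_us = max(local_min_rx_ms * 1000, peer["desired_min_tx_us"])
    return peer["detect_mult"] * agreed_us / 1000


# Constructed sample: what a peer configured with
# "bfd interval 250 min_rx 250 multiplier 3" might send once the session is Up.
SAMPLE_PEER_PACKET = BFD_HDR.pack(
    (1 << 5) | 0,      # version 1, no diagnostic
    3 << 6,            # state Up, no flags set
    3,                 # detect multiplier
    24,                # length of the packet
    0x11, 0x22,        # my / your discriminator (made-up values)
    250_000, 250_000,  # desired min TX, required min RX
    0,                 # echo function not supported
)

if __name__ == "__main__":
    peer = parse_bfd_control(SAMPLE_PEER_PACKET)
    # Local min_rx of 50 does not help: the peer's slower 250 ms TX wins.
    print(peer["state"], detection_time_ms(50, peer), "ms")
```

The detection time depends on the slower side's settings, so tightening timers on only one router does not speed up failure detection.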

Now unfortunately, and I would love to see if someone can correct me, but doing this alone is not enough to turn on BFD and actually see if the other end has it turned on, what you need to do is:

router ospf 1
 bfd all-interface
!

This turns on BFD for any interface that has a BFD interval configured.

What NX-OS version were you running? In 6.x you don't have the "bfd all-interface" command available under the ospf process. Instead, you only enter "bfd" and then go to each OSPF enabled interface and say "ip ospf bfd" in there.